CVE-2021-28446
published 2021-04-13CVE-2021-28446: Windows Portmapping Information Disclosure Vulnerability
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
Windows Portmapping Information Disclosure Vulnerability
Affected
44 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1607 | >= 10.0.0 < publication | publication |
| microsoft | windows_10_version_1809 | >= 10.0.0 < publication | publication |
| microsoft | windows_10_version_1909 | >= 10.0.0 < publication | publication |
| microsoft | windows_10_version_2004 | >= 10.0.0 < publication | publication |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < publication | publication |
| microsoft | windows_7 | >= 6.1.0 < publication | publication |
| microsoft | windows_7_service_pack_1 | >= 6.1.0 < publication | publication |
| microsoft | windows_8.1 | >= 6.3.0 < publication | publication |
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.0.0 < publication | publication |
| microsoft | windows_server_2008_r2_service_pack_1 | >= 6.1.0 < publication | publication |
| microsoft | windows_server_2008_service_pack_2 | >= 6.0.0 < publication | publication |
| microsoft | windows_server_2012 | — | — |
| microsoft | windows_server_2012 | >= 6.2.0 < publication | publication |
| microsoft | windows_server_2012_r2 | >= 6.3.0 < publication | publication |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | >= 10.0.0 < publication | publication |
GHSA
GHSA-725p-65w3-rpp3: Windows Portmapping Information Disclosure Vulnerability
ghsa_unreviewed·2022-05-24
CVE-2021-28446 [MEDIUM] GHSA-725p-65w3-rpp3: Windows Portmapping Information Disclosure Vulnerability
Windows Portmapping Information Disclosure Vulnerability
Microsoft
Windows Portmapping Information Disclosure Vulnerability
vendor_msrc·2021-04-13·CVSS 7.1
CVE-2021-28446 [HIGH] Windows Portmapping Information Disclosure Vulnerability
Windows Portmapping Information Disclosure Vulnerability
Description: N/A
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory.
Windows Portmapping: Windows Portmapping
Microsoft: Microsoft
Impact: Information Disclosure
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001342
Reference: https://support.microsoft.com/help/5001342
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001337
Reference: https://support.microsoft.com/help/50013
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-04-13
Published